Rebecca MacKinnon's postings about work, reading, and ideas from 2004-2011.

July 21, 2005

My conversation with Cisco

Yesterday I got a phone call from Terry Alberstein, Director of Corporate Affairs, Cisco Systems - Asia Pacific. He wanted to clarify a number of things in response to my recent blog posts. We had a long conversation, some of which was "on background" - which means I agreed not to quote him directly, and some of which he agreed after the fact I could put "on the record." By the end of our discussion, all of his personal perspectives stayed off the record (which are less relevant in the greater scheme of things anyway), while everything he told me about Cisco's policies and activities ended up on the record. So here's what I learned:

Cisco confirms that it does indeed sell networking and telecommunications equipment directly to Public Security and other law enforcement offices all over China.

Alberstein said that Cisco sells to police around the world, and it's not illegal for Cisco to do business with the Chinese police, because the equipment sold is not actually prohibited under the Foreign Relations
Authorization Act. (Indeed, the Act only prohibits equipment like stun guns, handcuffs and helmets, saying nothing about high-tech communications or networking equipment.)

He reiterated that Cisco is doing nothing against U.S. law. Nor does Cisco believe it's doing anything wrong. Quote: "It's not against the law to sell networking equipment to policing agencies in the PRC." [People's Republic of China]

He emphasized that Cisco does not tailor routers for the Chinese market and does not customize them for purposes of political censorship. What the purchaser does with them is their business. Quote: "The products that Cisco sells in China are the same products we sell in the U.S. We do not custom-tailor any product for any export market."

...but yes, they do provide service and training to their customers.

Following up on our conversation Alberstein emailed me a statement with further clarification of what he would like to have on the record. I've attached it to the end of this post. Let me know what you think.

What do I think?

The fact that Cisco clearly has no qualms about doing business with the Chinese Public Security Bureau is odious. We should change the law to make it illegal for companies like Cisco to sell networking and telecommunications equipment to police agencies in countries like China where the practice of law enforcement includes things like beating up little old ladies who demonstrate peacefully for their religious rights in Tiananmen Square, routine torture of people jailed without due process, and ongoing crackdowns against political dissent of all kinds.

Cisco insists that it does not directly assist with censorship or suppression of free speech in any way. Its routers are global-standard, out-of-the-box, one-size-fits-all. OK. But I remain skeptical that the service and training which they provide to their customers (including the Chinese Public Security Bureau and other law enforcement organs) has never involved assistance of clients with configurations and functions that would include political censorship or invasive surveillance. I never got a definitive answer that cleared up my skepticism on this point. My skepticism runs especially deep given that Cisco has no qualms about doing business with Chinese law enforcement, and that CEO John Chambers says in public speeches that Cisco aims to become a "Chinese company." I know for a fact that Chinese companies work closely with Chinese law enforcement on whatever Chinese law enforcement wants. So if you're trying to behave like a Chinese company that's naturally what you will do.

Cisco argues that if they don't do this business, their competitors will. And that will be bad for U.S. jobs. Well, as I've said before, at the end of the day either we believe that the ideals of "freedom" and "democracy" mean something, and are worth sacrificing short-term profit so that more people around the world have a chance of benefiting from them, or we don't. Cisco clearly doesn't. This is an insult to the thousands of Americans - public servants, men and women in uniform, journalists and others - who risk their lives daily in far-flung corners of the globe for the sake of these ideals. Such business behavior cheapens and sullies these sacrifices, making Americans look like total hypocrites in the eyes of people around the world. They contribute to the reasons why, as a journalist covering protests from Beijing to Seoul to Peshawar, Pakistan, I had to pretend I was Swedish in order to avoid bodily harm.

BELOW IS THE FULL TEXT OF AN EMAILED STATEMENT FROM CISCO SYSTEMS PUBLIC RELATIONS:

As one of the world’s leaders in Internet networking
technology, Cisco Systems has played an important role in the growth of the
Internet globally. Cisco has also played an important role in the
development of the Internet in China.
Today the Internet in China has over 100 million users, one of the largest Internet populations in the
world, and continues to grow rapidly.

The networking hardware and software products that Cisco
sells in China are exactly the same as we sell in every market in the world.

And it is our users, not Cisco, that determine the
applications that they deploy.

Cisco is not in violation of the Foreign Relations
Authorization Act. The act in question requires export licensing from
the U.S. Department of Commerce for specifically designed policing equipment
like shotguns, police helmets and handcuffs. Networking products from
Cisco and our competitors are not covered by this legislation.

Cisco Systems does not participate in the censorship of
information by governments. Moreover, Cisco complies with U.S. Government
regulations, which prohibit sale of our products to certain destinations; or to
users who misuse our products or resell them to prohibited users.

Cisco does sell networking equipment to law enforcement
agencies around the world, including in China, in compliance with U.S. Department
of Commerce regulations. Our products offer benefits
through the networking of computing devices that aid in the effectiveness
and timeliness of law enforcement. We also sell our products to many
public sector organizations like universities, municipal governments,
utilities, etc.

Additionally, the market for networking products in China is highly
competitive - we have strong competition in that market from French, Japanese,
Canadian, Korean and Chinese competitors.

With respect to Mr. Gutmann and Mr. Wu's allegations
published on your site, we reject these claims completely as baseless. We
note that Mr. Gutmann has never called Cisco, either with respect to his
original claims several years ago, or now, to seek any information or explanation
on Cisco's products or services for his magazine articles or forthcoming
book. We believe that these claims stem from fundamental misunderstanding
about what networking products do and what they are capable of.

With respect to service and training of our products, all
Cisco customers globally have access to Cisco training and support. We
provide service and support, either directly by Cisco or, in many cases,
through systems integration partners for our equipment. However, these
services do not entail the day to day management of networks. Our service
and post-sales support is designed to replace faulty or defective products, and
to provide training for the proper operation and configuration of network
hardware.

END OF EMAILED STATEMENT FROM CISCO SYSTEMS.

NOTE: I've been alerted to the fact that due to a typo, paragraph 7 omitted a "not" which was originally intended to be there. I've added it in as requested. - RM

That's a very good question and one I'm trying to wrestle with as two organizations I consult for are nearing a network upgrade decision point. I'm looking for a good way to bring it up in planning meetings. It will matter to them. Personally, I am putting off my own much, much smaller upgrade once again. This time it is not on expense grounds.

I can't help but note certain parallels between the recent SCOTUS ruling on the Grokster case (mfg liabilities on their p2p networking devices, inducing copyright infringement) and this equipment [made in the USA] being sold to communist regime.

This isn't what our great country was meant for - to help in furthering the aims of regimes incompatible with our own.

A ban on Cisco selling such equipment to elements of the Chinese security apparatus would be all well and good. Its effects, however, would be negligible as the PSB et al would simply source through offshore companies via Singapore, Bangkok, Hong Kong or any number of other places. Hell, they could probably have a holding company source the gear in Taipei. You know, a high-tech twist on selling the rope with which you'll be hanged.
Rounding up consultancy providers likely wouldn't be much harder.
You are of course correct in your assessment of Chinese companies and their "cooperation" with the Chinese government, but I'd take it a step further and state that major Chinese companies are a de facto commecial arm of the Chinese government and will "cooperate closely" (i.e. do as they're told) with ANY Chinese government organ, particularly the military and security establishment.
So what's the solution?
Who knows. One can only hope a spirited, technologically saavy underground opposition will stay a step ahead of the totalitarian dullards.

I am very happy to have the Internet in China at all — I remember the days when it was a struggle to get hold of a copy of Time magazine in Beijing. Whereas in China today today, you have access to almost as much information online as anyone in America, although because of filtering, it is slightly more difficult to find out about certain topics that the Communist Party would rather no one talked about.

If Cisco is blamed for filtering the Chinese Internet, they should also be praised for being a part of building it in the first place.

As you know Rebecca, your website is blocked in China, so I have taken the liberty of reproducing your post in full on (with my comments as above) on my website - Danwei.org which is not blocked in China.

I don't see any real difference between selling something to the Chinese police and any other agency of the Chinese government. That includes government controlled businesses. Any of them could easily transfer assets to the security agencies. As could private citizens and businesses. So should we prohibit all sales of networking gear to China? What else should not be allowed to be sold to China that is currently legal? It seems a bit simplistic to say "Police bad, other parts of the government good." I mean I am can see an arguement that says we (US companies) should not do business or some kinds of business with China. I just want to know where the line should be drawn.

Apalling, but unsurprising. Cisco is engaged in business that is morally odious but potentially quite lucrative. Corporations do not have a conscience and it is unrealistic to expect them to limit their behavior in the absence of legal or financial consequences.

Of course this is not intended as an argument against the imposition of such consequences. It is absurd that we are expending so much to bring a degree of freedom and liberty to Southwest Asia but cannot even muster some simple legislation to protect the citizens of other nations. Even if we wish to avoid legislating morality, such laws would also be in our own national interests.

I do have to wonder about Cisco's foot in the Chinese market, as it relates specifically to what looks pretty clearly like the Huawei theft of Cisco source code (perhaps by one of those H-1B visa holders working in San Jose.)

I wonder if that Huawei code, modified to do "dirty tricks," can be loaded on a Cisco router.

My money is on "yes."

But then, that begs the question, why would the Chinese buy Cisco gear if they can get the same from Huawei? I'd guess offhand it's because Cisco is doing all the bleeding-edge R&D work, financed by sales to China.

One Cisco brand which is probably very familiar to many bloggers is Linksys, pioneers of low-cost networking equipment like the very router I am using now. If you want to take it out on Cisco, don't buy Linksys.

Personally, I'm with Jeremy Goldkorn on this one. On the whole, Cisco's role in building Internet in China redounds to *more* freedom for the Chinese, not less.

I'm afraid Rebecca MacKinnon and some of the comment here are missing the real point entirely. The real point is that the Chinese are becoming increasingly dependant on US intrastructure. For decades, the PRC has made a lot of noise about become technologically self-sufficient, especially in IT, but their homegrown products never work as well or are as affordable as Western [especially US] equipment. They used to resist using western products in key areas [like the security services and the PLA] but practical considerations [and bribes] sometimes got the better of them. This shows that PRC security standards are still eroding; getting our IT equipment into the PRC security services is something of a coup.

So whatever profit Cisco makes on China [and it's not very much], the strategic implications of China's security organs depending on US IT equipment are huge. Far from being appalling, this should be applauded: owning your enemy's IT infrastructure is the single greatest advantage one can have these days.